package com.tongfusoft.web.core.filter;

import java.io.IOException;
import java.util.ArrayList;
import java.util.List;
import java.util.regex.Pattern;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;

import com.tongfusoft.web.core.Constant;
import com.tongfusoft.web.core.SessionContext;

public class AuthorizationFilter implements Filter {
	private List<Pattern> excludePatterns = new ArrayList<Pattern>();
	private List<Pattern> includePatterns = new ArrayList<Pattern>();
	private String loginPath;
	private Log log = LogFactory.getLog(AuthorizationFilter.class);
	
	public List<Pattern> getExcludePatterns() {
		return excludePatterns;
	}

	public void setExcludePatterns(List<Pattern> excludePatterns) {
		this.excludePatterns = excludePatterns;
	}

	public List<Pattern> getIncludePatterns() {
		return includePatterns;
	}

	public void setIncludePatterns(List<Pattern> includePatterns) {
		this.includePatterns = includePatterns;
	}

	public String getLoginPath() {
		return loginPath;
	}

	public void setLoginPath(String loginPath) {
		this.loginPath = loginPath;
	}

	@Override
	public void destroy() {
		// TODO Auto-generated method stub

	}
	
	@Override
	public void doFilter(ServletRequest request, ServletResponse response,
			FilterChain chain) throws IOException, ServletException {
		HttpServletRequest htrequest = (HttpServletRequest) request;
		HttpSession session = htrequest.getSession();
		
		String path = htrequest.getRequestURI();
		path = path.substring(htrequest.getContextPath().length());
		
		
		prepvalid(htrequest,(HttpServletResponse) response);
		
		validSession(htrequest,session);
		
		//除去排除的地址
		for (Pattern pattern : excludePatterns) {
			if (pattern.matcher(path).find()) {
				chain.doFilter(request, response);
				return;
			}
		}
		
		boolean isIncluded = includePatterns.size() == 0;
		if (path.equals("/")) {
			isIncluded = true;
		} else {
			for (Pattern pattern : includePatterns) {
				if (pattern.matcher(path).find()) {
					isIncluded = true;
					break;
				}
			}
		}
		if (isIncluded) {
			if (session.getAttribute(Constant.SESSION_USER) == null) {
				session.setAttribute(Constant.REF_PATH, htrequest
						.getRequestURI());
				((HttpServletResponse) response).sendRedirect(htrequest
						.getContextPath()
						+ this.loginPath);
			} else {
				chain.doFilter(request, response);
			}
		} else {
			chain.doFilter(request, response);
		}
		
	}
	
	//判断session
	private void validSession(HttpServletRequest htrequest,HttpSession session){
		if(session.getAttribute(Constant.SESSION_USER) == null){
			String sessionId = htrequest.getParameter("jsessionid");
			if(StringUtils.isNotEmpty(sessionId)){
				if(SessionContext.getSession(sessionId) != null){
					session.setAttribute(Constant.SESSION_USER,SessionContext.getSession(sessionId).getAttribute(Constant.SESSION_USER));
				}
			}
		}
	}
	
	@Override
	public void init(FilterConfig filterConfig) throws ServletException {
		log.info("********************Atuhorization init*****************************");
	}
	
	/**
	 * 前置处理
	 * 供不同的项目自行处理
	 */
	protected void prepvalid(HttpServletRequest request,HttpServletResponse response){
		
	}
}
